
Raymond.cc compares antivirus memory usage


barney:
I believe it's interesting to report the experience of a certain guy who is very busy about security. After years of experience, now he no longer uses an antivirus, but his purpose is reducing the "attack surface".
-Giampy (May 29, 2013, 03:40 PM)
--- End quote ---

Sounds a lot like Steve Gibson.

The point of an AV software is to block what was already known, and to update its database to include what's recently been discovered.
-ajfudge (May 29, 2013, 02:26 PM)
--- End quote ---

And that's something that damned few of 'em do at all, much less do well.  All they do is provide a false sense of security, letting folk think they can go anywhere and do anything on the Web with complete impunity.

use a security sandbox
-ajfudge (May 29, 2013, 02:26 PM)
--- End quote ---

There are folk here that use virtualization, e.g. VirtualBox, for browsing.  Others use one or another of the extant sandbox programs.  And that does supply a degree of protection, although CPU/RAM usage may suffer.  But even that can be circumvented:  I want a particular program, video, song, so I move it out of the sandbox.  Then I open it and become contaminated.  I am quite possibly now a disease vector for anything else I touch, network-wise.

All any anti-malware software [of which I am aware] does is the same thing as that fenced domicile - provide a false sense of security.

In the long run, it's not a matter of being smart so much as it is a matter of knowing the capabilities - and shortcomings - of the tool you are using.

f0dder:
And that's something that damned few of 'em do at all, much less do well.  All they do is provide a false sense of security, letting folk think they can go anywhere and do anything on the Web with complete impunity.
-barney (May 29, 2013, 09:23 PM)
--- End quote ---
...Alternate line of thought: they protect you against drive-by attacks on legitimate but compromised sites. The mass-infection-drive-by attacks usually don't use the very latest 0-day exploits, but a truckload of slightly older exploits. Bleeding-edge exploits are normally used in very targeted attacks.

barney:
...Alternate line of thought: they protect you against drive-by attacks on legitimate but compromised sites. The mass-infection-drive-by attacks usually don't use the very latest 0-day exploits, but a truckload of slightly older exploits. Bleeding-edge exploits are normally used in very targeted attacks.
-f0dder (May 30, 2013, 07:04 AM)
--- End quote ---

Maybe.  The one (1) time that I got hit by such, I was using NOD32, supposedly best of breed at the time.  The malware sailed through NOD32 as pretty as you please, without so much as a hiccup.
